<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link href="../style/main.css" type="text/css" rel="stylesheet">
        <link href="../style/salesperson.css" type="text/css" rel="stylesheet">
        <script type="text/javascript" src="../script/jquery-1.8.2.js"></script>
        <script type="text/javascript" src="../script/js1.js"></script>
        <title></title>
    </head>
    <body>
        <header>
        <?php
        session_start();
        mysql_connect("localhost:3306", "root", "16886611");
        mysql_select_db("digitalsales");
        $_SESSION["cartowner"]=NULL;
        if(!isset($_SESSION["salesman"])||$_SESSION["salesman"]==NULL){
            echo '<ul>
                 <li>
                    <p>YOU HAVE NOT LOGGED IN YET</p>
                  </li>
                </ul>';
        }else{
            echo '<ul>
                <li id="logout">
                  <p><a href="index.php?action=logout">Log out</a></p>
                </li>
                  <li>
                    <p>Welcome back,'.$_SESSION["salesman"].'!</p>
                  </li>
                </ul>';
        }
        if(isset($_GET["action"])){
            if($_GET["action"]=="finish"){
                $sql1="select product,sid,price,amount,customer from (select product,amount,customer from shopcarts where customer='".$_GET["customer"]."') scp,(select sid,pid,price from product_stores where sid=".$_GET["storeid"].") ssp where scp.product=ssp.pid";
                $result1=mysql_query($sql1);
                 while ($res1=mysql_fetch_row($result1)){
                     $sql2="update product_stores set amount=amount-".$res1[3]." where pid=".$res1[0]." and sid=".$res1[1];
                     mysql_query($sql2);
                     $t=time(); 
                     $sql3="insert into transactions (product,store,price,quantity,customer,salesperson,date) values (".$res1[0].",".$res1[1].",".$res1[2].",".$res1[3].",'".$res1[4]."','".$_SESSION["salesman"]."','".date("Y-m-d",$t)."')";
                     mysql_query($sql3);
                     $sql4="delete from shopcarts where customer='".$res1[4]."' and product=".$res1[0];
                     mysql_query($sql4);
                 }
                 header("Location:index.php");
            }
            if($_GET["action"]=="nexttime"){
                header("Location:index.php");
            }
        }
        $total=0;
        $sql="select sum(amount*price) from (select product,amount from shopcarts where customer='".$_GET["customer"]."') scp,(select pid,price from product_stores where sid=".$_GET["storeid"].") ssp where scp.product=ssp.pid";
        $result=mysql_query($sql);
        while ($res=mysql_fetch_row($result)){
            $total=$res[0];
        }
        echo '<div id="checkout" class="Mainpanel">';
            echo '<div style="width:100px;height: 50px;overflow: visible">
                        <img src="../images/checkout.png" style="width: 800px;height: 150px;margin-left: -100px;margin-top: -75px">
                    </div>';
            echo '<form id="form1" name="form1" method="POST" action="">
                    <label>Need to pay:$'.$total.'</label>
                    <input class="checkoutButton" onclick="jump(\'checkout.php?customer='.$_GET["customer"].'&storeid='.$_GET["storeid"].'&action=finish\')" value="Finish Payment">
                    <input class="checkoutButton" onclick="jump(\'checkout.php?customer='.$_GET["customer"].'&storeid='.$_GET["storeid"].'&action=nexttime\')" value="Pay Next Time">
                </form>';
            if(isset($_SESSION["error"])&&$_SESSION["error"]!=NULL){
                echo '<p class="error">'.$_SESSION["error"].'</p>';
                $_SESSION["error"]=NULL;
            }
        echo '</div>';
        
        ?>
        </header>
    </body>
</html>
